Identity Security Insights 25.02.2
February 20, 2025
New Features
True Privilege graph
This new graph gives you a view of how identities are linked to accounts with high and highest entitlements. Use it to see what escalation paths a threat actor can take to gain privileges.
The graph is composed of nodes:
- Identities: The starting point for the graph, represented by a thumbprint.
- Accounts: The accounts the identity is linked to.
- Entitlements: The high and highest entitlements the linked accounts hold.
- Escalations: Linked from entitlements with an orange line. Includes users, groups, containers, organizations, computers, service principals, policies, and more.
Click any node to open a side panel with detailed information about the identity, account, or entitlement.
Access the graph via Account Details if the account is linked to an identity, via Identity Details, or by selecting the icon under the Actions column of the Identities grid.
For more information, see the Identities page.
Enhancements
Insights Collector updates
Added store and forward capability
If there is a connection issue with the member server, the Insights Collector now stores event data locally. Once the connection is restored, the stored event data is forwarded automatically. This significantly reduces the risk of data loss during connection interruptions, providing reliable and consistent data collection.
Windows Event 4741 collection
The Insights Collector now collects Windows Event 4741, which logs the creation of new user accounts. This provides additional visibility into account management activities.
For more information, see Insights Collector.
Privilege level on the Identity page
We added True Privilege to the Identities grid and Identity Details section to provide a clearer view of potential access rights through privilege escalation.
For more information, see the Identities page.
Deep link to connector data health
We've added a deep link from the Connectors Configured grid to the "Connector Data Health" report. This gives you easier access to view the data we've pulled, data not yet pulled, and any issues encountered during data retrieval.